wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-03 04:34:41 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fixes for building Ed/Curve for building on 32/64 bit with uint64_t. Fixes for build with Ed/Curve with ECC disabled.

Browse Source
This commit is contained in:
David Garske
2017-06-19 10:09:12 -07:00
parent ee83710a0a
commit 7fdb7037d8
6 changed files with 66 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
src/internal.c
View File

@@ -3429,6 +3429,7 @@ int EccMakeKey(WOLFSSL* ssl, ecc_key* key, ecc_key* peer)
return ret; return ret;
} }
#endif /* HAVE_ECC */
#ifdef HAVE_ED25519 #ifdef HAVE_ED25519
/* Sign the data using EdDSA and key using X25519. /* Sign the data using EdDSA and key using X25519.
@@ -3640,7 +3641,7 @@ static int X25519MakeKey(WOLFSSL* ssl, curve25519_key* key,
return ret; return ret;
} }
#endif /* HAVE_CURVE25519 */ #endif /* HAVE_CURVE25519 */
#endif /* HAVE_ECC */
#endif /* !NO_CERTS */ #endif /* !NO_CERTS */
#if !defined(NO_CERTS) || !defined(NO_PSK) #if !defined(NO_CERTS) || !defined(NO_PSK)
@@ -17906,7 +17907,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
} }
break; break;
#endif /* !NO_DH && !NO_PSK */ #endif /* !NO_DH && !NO_PSK */
#if defined(HAVE_ECC) && !defined(NO_PSK) #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && !defined(NO_PSK)
case ecdhe_psk_kea: case ecdhe_psk_kea:
/* sanity check that PSK client callback has been set */ /* sanity check that PSK client callback has been set */
if (ssl->options.client_psk_cb == NULL) { if (ssl->options.client_psk_cb == NULL) {
@@ -17963,7 +17964,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
ret = EccMakeKey(ssl, (ecc_key*)ssl->hsKey, ssl->peerEccKey); ret = EccMakeKey(ssl, (ecc_key*)ssl->hsKey, ssl->peerEccKey);
break; break;
#endif /* HAVE_ECC && !NO_PSK */ #endif /* (HAVE_ECC || HAVE_CURVE25519) && !NO_PSK */
#ifdef HAVE_NTRU #ifdef HAVE_NTRU
case ntru_kea: case ntru_kea:
if (ssl->peerNtruKeyPresent == 0) { if (ssl->peerNtruKeyPresent == 0) {
@@ -17971,10 +17972,12 @@ int SendClientKeyExchange(WOLFSSL* ssl)
} }
break; break;
#endif /* HAVE_NTRU */ #endif /* HAVE_NTRU */
#ifdef HAVE_ECC #if defined(HAVE_ECC) || defined(HAVE_CURVE25519)
case ecc_diffie_hellman_kea: case ecc_diffie_hellman_kea:
{ {
#ifdef HAVE_ECC
ecc_key* peerKey; ecc_key* peerKey;
#endif
#ifdef HAVE_PK_CALLBACKS #ifdef HAVE_PK_CALLBACKS
/* if callback then use it for shared secret */ /* if callback then use it for shared secret */
@@ -18007,8 +18010,8 @@ int SendClientKeyExchange(WOLFSSL* ssl)
ssl->peerX25519Key); ssl->peerX25519Key);
break; break;
} }
else
#endif #endif
#ifdef HAVE_ECC
if (ssl->specs.static_ecdh) { if (ssl->specs.static_ecdh) {
/* TODO: EccDsa is really fixed Ecc change naming */ /* TODO: EccDsa is really fixed Ecc change naming */
if (!ssl->peerEccDsaKey || if (!ssl->peerEccDsaKey ||
@@ -18037,10 +18040,11 @@ int SendClientKeyExchange(WOLFSSL* ssl)
} }
ret = EccMakeKey(ssl, (ecc_key*)ssl->hsKey, peerKey); ret = EccMakeKey(ssl, (ecc_key*)ssl->hsKey, peerKey);
#endif
break; break;
} }
#endif /* HAVE_ECC */ #endif /* HAVE_ECC || HAVE_CURVE25519 */
default: default:
ret = BAD_KEA_TYPE_E; ret = BAD_KEA_TYPE_E;
@@ -18206,7 +18210,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
break; break;
} }
#endif /* !NO_DH && !NO_PSK */ #endif /* !NO_DH && !NO_PSK */
#if defined(HAVE_ECC) && !defined(NO_PSK) #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && !defined(NO_PSK)
case ecdhe_psk_kea: case ecdhe_psk_kea:
{ {
word32 esSz = 0; word32 esSz = 0;
@@ -18291,7 +18295,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
break; break;
} }
#endif /* HAVE_NTRU */ #endif /* HAVE_NTRU */
#ifdef HAVE_ECC #if defined(HAVE_ECC) || defined(HAVE_CURVE25519)
case ecc_diffie_hellman_kea: case ecc_diffie_hellman_kea:
{ {
ssl->arrays->preMasterSz = ENCRYPT_LEN; ssl->arrays->preMasterSz = ENCRYPT_LEN;
@@ -18316,6 +18320,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
break; break;
} }
#endif #endif
#ifdef HAVE_ECC
#ifdef HAVE_PK_CALLBACKS #ifdef HAVE_PK_CALLBACKS
/* if callback then use it for shared secret */ /* if callback then use it for shared secret */
if (ssl->ctx->EccSharedSecretCb != NULL) { if (ssl->ctx->EccSharedSecretCb != NULL) {
@@ -18329,9 +18334,10 @@ int SendClientKeyExchange(WOLFSSL* ssl)
if (ret != 0) { if (ret != 0) {
ERROR_OUT(ECC_EXPORT_ERROR, exit_scke); ERROR_OUT(ECC_EXPORT_ERROR, exit_scke);
} }
#endif /* HAVE_ECC */
break; break;
} }
#endif /* HAVE_ECC */ #endif /* HAVE_ECC || HAVE_CURVE25519 */
default: default:
ret = BAD_KEA_TYPE_E; ret = BAD_KEA_TYPE_E;
@@ -18400,7 +18406,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
break; break;
} }
#endif /* !NO_DH && !NO_PSK */ #endif /* !NO_DH && !NO_PSK */
#if defined(HAVE_ECC) && !defined(NO_PSK) #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && !defined(NO_PSK)
case ecdhe_psk_kea: case ecdhe_psk_kea:
{ {
#ifdef HAVE_CURVE25519 #ifdef HAVE_CURVE25519
@@ -18434,7 +18440,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
); );
break; break;
} }
#endif /* HAVE_ECC && !NO_PSK */ #endif /* (HAVE_ECC || HAVE_CURVE25519) && !NO_PSK */
#ifdef HAVE_NTRU #ifdef HAVE_NTRU
case ntru_kea: case ntru_kea:
{ {
@@ -18459,10 +18465,12 @@ int SendClientKeyExchange(WOLFSSL* ssl)
break; break;
} }
#endif /* HAVE_NTRU */ #endif /* HAVE_NTRU */
#ifdef HAVE_ECC #if defined(HAVE_ECC) || defined(HAVE_CURVE25519)
case ecc_diffie_hellman_kea: case ecc_diffie_hellman_kea:
{ {
#ifdef HAVE_ECC
ecc_key* peerKey; ecc_key* peerKey;
#endif
#ifdef HAVE_CURVE25519 #ifdef HAVE_CURVE25519
if (ssl->peerX25519KeyPresent) { if (ssl->peerX25519KeyPresent) {
@@ -18481,6 +18489,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
break; break;
} }
#endif #endif
#ifdef HAVE_ECC
peerKey = (ssl->specs.static_ecdh) ? peerKey = (ssl->specs.static_ecdh) ?
ssl->peerEccDsaKey : ssl->peerEccKey; ssl->peerEccDsaKey : ssl->peerEccKey;
@@ -18496,10 +18505,11 @@ int SendClientKeyExchange(WOLFSSL* ssl)
NULL NULL
#endif #endif
); );
#endif
break; break;
} }
#endif /* HAVE_ECC */ #endif /* HAVE_ECC || HAVE_CURVE25519 */
default: default:
ret = BAD_KEA_TYPE_E; ret = BAD_KEA_TYPE_E;
@@ -19968,7 +19978,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
case ecdhe_psk_kea: case ecdhe_psk_kea:
/* Fall through to create temp ECC key */ /* Fall through to create temp ECC key */
#endif /* HAVE_ECC && !NO_PSK */ #endif /* HAVE_ECC && !NO_PSK */
#ifdef HAVE_ECC #if defined(HAVE_ECC) || defined(HAVE_CURVE25519)
case ecc_diffie_hellman_kea: case ecc_diffie_hellman_kea:
{ {
#ifdef HAVE_CURVE25519 #ifdef HAVE_CURVE25519
@@ -19993,6 +20003,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
break; break;
} }
#endif #endif
#ifdef HAVE_ECC
/* need ephemeral key now, create it if missing */ /* need ephemeral key now, create it if missing */
if (ssl->eccTempKey == NULL) { if (ssl->eccTempKey == NULL) {
/* alloc/init on demand */ /* alloc/init on demand */
@@ -20011,9 +20022,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ssl->eccTempKeyPresent = 1; ssl->eccTempKeyPresent = 1;
} }
} }
#endif
break; break;
} }
#endif /* HAVE_ECC */ #endif /* HAVE_ECC || HAVE_CURVE25519 */
default: default:
/* Skip ServerKeyExchange */ /* Skip ServerKeyExchange */
goto exit_sske; goto exit_sske;
@@ -23079,9 +23091,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
break; break;
} }
#endif /* HAVE_NTRU */ #endif /* HAVE_NTRU */
#ifdef HAVE_ECC #if defined(HAVE_ECC) || defined(HAVE_CURVE25519)
case ecc_diffie_hellman_kea: case ecc_diffie_hellman_kea:
{ {
#ifdef HAVE_ECC
ecc_key* private_key = ssl->eccTempKey; ecc_key* private_key = ssl->eccTempKey;
/* handle static private key */ /* handle static private key */
@@ -23109,6 +23122,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
} }
} }
} }
#endif
/* import peer ECC key */ /* import peer ECC key */
if ((args->idx - args->begin) + OPAQUE8_LEN > size) { if ((args->idx - args->begin) + OPAQUE8_LEN > size) {
@@ -23162,6 +23176,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
break; break;
} }
#endif #endif
#ifdef HAVE_ECC
#ifdef HAVE_PK_CALLBACKS #ifdef HAVE_PK_CALLBACKS
/* if callback then use it for shared secret */ /* if callback then use it for shared secret */
if (ssl->ctx->EccSharedSecretCb != NULL) { if (ssl->ctx->EccSharedSecretCb != NULL) {
@@ -23197,13 +23212,14 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
} }
ssl->peerEccKeyPresent = 1; ssl->peerEccKeyPresent = 1;
#endif /* HAVE_ECC */
if (ret != 0) { if (ret != 0) {
goto exit_dcke; goto exit_dcke;
} }
break; break;
} }
#endif /* HAVE_ECC */ #endif /* HAVE_ECC || HAVE_CURVE25519 */
#ifndef NO_DH #ifndef NO_DH
case diffie_hellman_kea: case diffie_hellman_kea:
{ {
@@ -23290,7 +23306,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
break; break;
} }
#endif /* !NO_DH && !NO_PSK */ #endif /* !NO_DH && !NO_PSK */
#if defined(HAVE_ECC) && !defined(NO_PSK) #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && !defined(NO_PSK)
case ecdhe_psk_kea: case ecdhe_psk_kea:
{ {
word16 clientSz; word16 clientSz;
@@ -23406,7 +23422,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ssl->peerEccKeyPresent = 1; ssl->peerEccKeyPresent = 1;
break; break;
} }
#endif /* HAVE_ECC && !NO_PSK */ #endif /* (HAVE_ECC || HAVE_CURVE25519) && !NO_PSK */
default: default:
ret = BAD_KEA_TYPE_E; ret = BAD_KEA_TYPE_E;
} /* switch (ssl->specs.kea) */ } /* switch (ssl->specs.kea) */
@@ -23457,7 +23473,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
break; break;
} }
#endif /* HAVE_NTRU */ #endif /* HAVE_NTRU */
#ifdef HAVE_ECC #if defined(HAVE_ECC) || defined(HAVE_CURVE25519)
case ecc_diffie_hellman_kea: case ecc_diffie_hellman_kea:
{ {
void* private_key = ssl->eccTempKey; void* private_key = ssl->eccTempKey;
@@ -23480,6 +23496,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
break; break;
} }
#endif #endif
#ifdef HAVE_ECC
if (ssl->specs.static_ecdh) { if (ssl->specs.static_ecdh) {
private_key = ssl->hsKey; private_key = ssl->hsKey;
} }
@@ -23497,9 +23514,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
NULL NULL
#endif #endif
); );
#endif
break; break;
} }
#endif /* HAVE_ECC */ #endif /* HAVE_ECC || HAVE_CURVE25519 */
#ifndef NO_DH #ifndef NO_DH
case diffie_hellman_kea: case diffie_hellman_kea:
{ {
@@ -23526,7 +23544,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
break; break;
} }
#endif /* !NO_DH && !NO_PSK */ #endif /* !NO_DH && !NO_PSK */
#if defined(HAVE_ECC) && !defined(NO_PSK) #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && !defined(NO_PSK)
case ecdhe_psk_kea: case ecdhe_psk_kea:
{ {
#ifdef HAVE_CURVE25519 #ifdef HAVE_CURVE25519
@@ -23562,7 +23580,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
); );
break; break;
} }
#endif /* HAVE_ECC && !NO_PSK */ #endif /* (HAVE_ECC || HAVE_CURVE25519) && !NO_PSK */
default: default:
ret = BAD_KEA_TYPE_E; ret = BAD_KEA_TYPE_E;
} /* switch (ssl->specs.kea) */ } /* switch (ssl->specs.kea) */

6
wolfcrypt/src/fe_operations.c
View File

@@ -44,6 +44,8 @@
#ifdef HAVE___UINT128_T #ifdef HAVE___UINT128_T
#include "fe_x25519_128.i" #include "fe_x25519_128.i"
#else #else
#ifdef HAVE_CURVE25519
/* /*
fe means field element. fe means field element.
Here the field is \Z/(2^255-19). Here the field is \Z/(2^255-19).
@@ -71,7 +73,7 @@ uint64_t load_4(const unsigned char *in)
result |= ((uint64_t) in[3]) << 24; result |= ((uint64_t) in[3]) << 24;
return result; return result;
} }
#endif
/* /*
h = 1 h = 1
@@ -570,6 +572,7 @@ void fe_sub(fe h,const fe f,const fe g)
} }
#ifdef HAVE_CURVE25519
/* /*
Ignores top bit of h. Ignores top bit of h.
*/ */
@@ -620,6 +623,7 @@ void fe_frombytes(fe h,const unsigned char *s)
h[8] = (int32_t)h8; h[8] = (int32_t)h8;
h[9] = (int32_t)h9; h[9] = (int32_t)h9;
} }
#endif
void fe_invert(fe out,const fe z) void fe_invert(fe out,const fe z)

26
wolfssl/internal.h
View File

@@ -1680,7 +1680,7 @@ struct WOLFSSL_CERT_MANAGER {
#ifndef NO_RSA #ifndef NO_RSA
short minRsaKeySz; /* minimum allowed RSA key size */ short minRsaKeySz; /* minimum allowed RSA key size */
#endif #endif
#ifdef HAVE_ECC #if defined(HAVE_ECC) || defined(HAVE_ED25519)
short minEccKeySz; /* minimum allowed ECC key size */ short minEccKeySz; /* minimum allowed ECC key size */
#endif #endif
}; };
@@ -2196,7 +2196,7 @@ struct WOLFSSL_CTX {
#ifndef NO_RSA #ifndef NO_RSA
short minRsaKeySz; /* minimum RSA key size */ short minRsaKeySz; /* minimum RSA key size */
#endif #endif
#ifdef HAVE_ECC #if defined(HAVE_ECC) || defined(HAVE_ED25519)
short minEccKeySz; /* minimum ECC key size */ short minEccKeySz; /* minimum ECC key size */
#endif #endif
#ifdef OPENSSL_EXTRA #ifdef OPENSSL_EXTRA
@@ -2214,9 +2214,11 @@ struct WOLFSSL_CTX {
#endif /* WOLFSSL_DTLS */ #endif /* WOLFSSL_DTLS */
VerifyCallback verifyCallback; /* cert verification callback */ VerifyCallback verifyCallback; /* cert verification callback */
word32 timeout; /* session timeout */ word32 timeout; /* session timeout */
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519)
word32 ecdhCurveOID; /* curve Ecc_Sum */
#endif
#ifdef HAVE_ECC #ifdef HAVE_ECC
word16 eccTempKeySz; /* in octets 20 - 66 */ word16 eccTempKeySz; /* in octets 20 - 66 */
word32 ecdhCurveOID; /* curve Ecc_Sum */
word32 pkCurveOID; /* curve Ecc_Sum */ word32 pkCurveOID; /* curve Ecc_Sum */
#endif #endif
#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
@@ -2803,7 +2805,7 @@ typedef struct Options {
#ifndef NO_RSA #ifndef NO_RSA
short minRsaKeySz; /* minimum RSA key size */ short minRsaKeySz; /* minimum RSA key size */
#endif #endif
#ifdef HAVE_ECC #if defined(HAVE_ECC) || defined(HAVE_ED25519)
short minEccKeySz; /* minimum ECC key size */ short minEccKeySz; /* minimum ECC key size */
#endif #endif
@@ -3178,17 +3180,22 @@ struct WOLFSSL {
byte peerNtruKey[MAX_NTRU_PUB_KEY_SZ]; byte peerNtruKey[MAX_NTRU_PUB_KEY_SZ];
byte peerNtruKeyPresent; byte peerNtruKeyPresent;
#endif #endif
#if defined(HAVE_ECC) || defined(HAVE_ED25519)
int eccVerifyRes;
#endif
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519)
word32 ecdhCurveOID; /* curve Ecc_Sum */
ecc_key* eccTempKey; /* private ECDHE key */
byte eccTempKeyPresent;
byte peerEccKeyPresent;
#endif
#ifdef HAVE_ECC #ifdef HAVE_ECC
ecc_key* peerEccKey; /* peer's ECDHE key */ ecc_key* peerEccKey; /* peer's ECDHE key */
ecc_key* peerEccDsaKey; /* peer's ECDSA key */ ecc_key* peerEccDsaKey; /* peer's ECDSA key */
ecc_key* eccTempKey; /* private ECDHE key */
int eccVerifyRes;
word32 pkCurveOID; /* curve Ecc_Sum */ word32 pkCurveOID; /* curve Ecc_Sum */
word32 ecdhCurveOID; /* curve Ecc_Sum */
word16 eccTempKeySz; /* in octets 20 - 66 */ word16 eccTempKeySz; /* in octets 20 - 66 */
byte peerEccKeyPresent;
byte peerEccDsaKeyPresent; byte peerEccDsaKeyPresent;
byte eccTempKeyPresent; #endif
#ifdef HAVE_ED25519 #ifdef HAVE_ED25519
ed25519_key* peerEd25519Key; ed25519_key* peerEd25519Key;
byte peerEd25519KeyPresent; byte peerEd25519KeyPresent;
@@ -3197,7 +3204,6 @@ struct WOLFSSL {
curve25519_key* peerX25519Key; curve25519_key* peerX25519Key;
byte peerX25519KeyPresent; byte peerX25519KeyPresent;
#endif #endif
#endif
#ifdef HAVE_LIBZ #ifdef HAVE_LIBZ
z_stream c_stream; /* compression stream */ z_stream c_stream; /* compression stream */
z_stream d_stream; /* decompression stream */ z_stream d_stream; /* decompression stream */

4
wolfssl/wolfcrypt/asn.h
View File

@@ -431,7 +431,7 @@ struct SignatureCtx {
byte* out; byte* out;
byte* plain; byte* plain;
#endif #endif
#ifdef HAVE_ECC #if defined(HAVE_ECC) || defined(HAVE_ED25519)
int verify; int verify;
#endif #endif
union { union {
@@ -565,7 +565,7 @@ struct DecodedCert {
byte* extSubjKeyIdSrc; byte* extSubjKeyIdSrc;
word32 extSubjKeyIdSz; word32 extSubjKeyIdSz;
#endif #endif
#ifdef HAVE_ECC #if defined(HAVE_ECC) || defined(HAVE_ED25519)
word32 pkCurveOID; /* Public Key's curve OID */ word32 pkCurveOID; /* Public Key's curve OID */
#endif /* HAVE_ECC */ #endif /* HAVE_ECC */
byte* beforeDate; byte* beforeDate;

2
wolfssl/wolfcrypt/fe_operations.h
View File

@@ -27,7 +27,7 @@
#if defined(HAVE_CURVE25519) || defined(HAVE_ED25519) #if defined(HAVE_CURVE25519) || defined(HAVE_ED25519)
#ifndef CURVE25519_SMALL #if defined(HAVE___UINT128_T)
#include <stdint.h> #include <stdint.h>
#endif #endif
#include <wolfssl/wolfcrypt/types.h> #include <wolfssl/wolfcrypt/types.h>

2
wolfssl/wolfcrypt/ge_operations.h
View File

@@ -29,7 +29,7 @@
#ifdef HAVE_ED25519 #ifdef HAVE_ED25519
#ifndef ED25519_SMALL #if defined(HAVE___UINT128_T)
#include <stdint.h> #include <stdint.h>
#endif #endif
#include <wolfssl/wolfcrypt/fe_operations.h> #include <wolfssl/wolfcrypt/fe_operations.h>